Information Security Risk Management (5 op)
Toteutuksen tunnus: 3011369-3006
Toteutuksen perustiedot
- Ilmoittautumisaika
-
01.08.2023 - 30.08.2023
Ilmoittautuminen toteutukselle on päättynyt.
- Ajoitus
-
31.08.2023 - 31.12.2023
Toteutus on päättynyt.
- Opintopistemäärä
- 5 op
- Lähiosuus
- 5 op
- Toteutustapa
- Lähiopetus
- Yksikkö
- Tekniikka ja liiketoiminta
- Toimipiste
- Kupittaan kampus
- Opetuskielet
- suomi
- englanti
- Paikat
- 20 - 60
- Koulutus
- Degree Programme in Information and Communications Technology
- Tieto- ja viestintätekniikan koulutus
- Opettajat
- Pia Satopää
- Vastuuopettaja
- Pia Satopää
- Ryhmät
-
PTIETS21dncsPTIETS21 Tietoverkot ja Kyberturva
-
PTIVIS21TData Networks and Cybersecurity
- Opintojakso
- 3011369
Arviointiasteikko
H-5
Sisällön jaksotus
After completing the course the student can:
- explain basic principles of ISO/IEC27005:2008 -standard based information security risk assessment and risk management
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.
Tavoitteet
After completing the course the student can:
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.
Sisältö
- The basic principles of information security risk assessment and risk management
- Information security risk management standard ISO/IEC 27005:2008
- Information security risk assessment methods and best practices
- Practical work
Oppimateriaalit
Material will be published in Itslearning.
Opetusmenetelmät
- Lectures, assignments and practical work
Tenttien ajankohdat ja uusintamahdollisuudet
Course has an exam.
Opiskelijan ajankäyttö ja kuormitus
Lectures
Assignments and practical work
Evaluation methods and criteria
Grade will be composed of:
50% Personal and group Assignments
50% Exam.
The grade is determined by the average of homework assignments and the average grade of the exam.
Unsubmitted homework assignments lower the average of submissions. For example, if the average of homework assignments is 3.5 and one assignment is not submitted, the grade is reduced by -0.5, resulting in an average of 3. If two homework assignments are not submitted, the grade is 1 regardless of the average of submissions
Failed (0)
<50% of assignment and exam points.
Assessment criteria, satisfactory (1-2)
>=50% of the homework assignments are completed, and 50% of the points are from the exam. Each part must get a passing grade.
Assessment criteria, good (3-4)
>=70% of the homework assignments are completed, and 70% of the points from the exam. Each part must get a passing grade.
Assessment criteria, excellent (5)
>=90% of assignment and exam points. Each part must get a passing grade.